WannaCry hero charged with creating Kronos banking malware

The 23-year-old cybersecurity expert, Marcus Hutchins (@Malwaretech on Twitter), who made headlines for identifying the kill switch for the nasty WannaCry ransomware attack preventing it from further spread has been charged in the United States for creating Kronos banking malware.

In total, Hutchins has been charged with six counts of developing and distributing Kronos malware that stole banking credentials from users around the world including the United States between 2014 and 2015.

According to federal court documents seen byThe Washington Post, hours after his arrest in August 2017, Hutchins called an unidentified individual from the jailhouse accepting he wrote the code that was later incorporated with the banking malware – The call was recorded and its transcript was part of the court documents.

“So I wrote code for a guy a while back who then incorporated it into a banking malware, so they have logs of that, and essentially they want to know my part of the banking operation or if I just sold the code onto some guy then they wanted me to, once then found I sold the code to someone, they wanted me to give them his name, and I don’t actually know anything about him,” said Hutchins in the call.

In the call, Hutchins also said that logs of an online chat showed he had given software called ‘compiled binary’ of the code to someone ‘to repay a debt’ of about $5,000 who later used the code for banking malware. This happened when the WannaCry hero was 18 years old.

On the other hand, Hutchins hasdenied all the chargesmeanwhile his defense lawyers maintain the call is inadmissible as evidence as he had been “coerced” by investigators.

Hutchins was arrested while visiting the United States in August 2017 to attend DefCon and BlackHat hacking conference in Las Vegas. On the day of his departure back to London, the Federal Bureau of Investigation (FBI) arrested and accused him of developing the Kronos malware.

Hutchins plans to appeal for the call transcript and post-arrest statements to be suppressed from legal proceedings at a hearing on Wednesday. However, if convicted of all charges Hutchins could face years in prison.

I will confess that I was unaware registering the domain would stop the malware until after i registered it, so initially it was accidental.

Waqas Amir is a Milan-based cybersecurity journalist with a passion for covering latest happenings in cyber security and tech world. In addition to being the founder of this website, Waqas is also into gaming, reading and investigative journalism.

HACKREAD is a News Platform that centers on InfoSec, Cyber Crime, Privacy, Surveillance and Hacking News with full-scale reviews on Social Media Platforms & Technology trends. Founded in 2011, HackRead is based in Milan, Italy.